stephenREVOLUTION2 at barncard.com
Sat Apr 11 21:16:24 CEST 2015
On Sat, Apr 11, 2015 at 8:41 AM, Dr. Hawkins <dochawk at gmail.com> wrote:
> But they would need the encryption key, too.
> mySQL *can* be set to take only secure connections, can't it? Postgres
> can, but runrev inexplicably hasn't seen fit to add the line of code to
> allow this connection to be made; only for mySQL
> > Even more scary is how hackers can get into a system using a "I forgot my
> > password" form with SQL injection, lots of examples on the web.
> But https solves that, doesn't it?
At Dreamhost, mySQL security is determined by the connecting IP number, if
that's a help. If it's not coming from your IP, no access.
Of course somebody will have to maintain the IPs at the webhost, and that
may not be practical for a distribution.
Stephen Barncard - Sebastopol Ca. USA - Deeds Not Words
More information about the use-livecode